Legal claims defining the scope of protection, as filed with the USPTO.
1. A system for providing operating system (OS) agnostic validation of firmware images, the system comprising: a storage device to store a plurality of metadata sets that are each associated with one of a plurality of firmware images; and a management processor of a plurality of management processors that is operatively connected to the storage device, wherein the plurality of management processors are assigned to a trusted group, the management processor to: receive a request to verify the plurality of firmware images; access a first installation of a first firmware image of the plurality of firmware images via a physical interface; use a first metadata set of the plurality of metadata sets to verify the first installation; forward the request to a child management processor of the plurality of management processors, wherein the plurality of management processors are related according to a tree hierarchy; use a second metadata set of the plurality of metadata sets to verify a second installation of a second firmware image of the plurality of firmware images; aggregate verification results from the plurality of management processors; and generate a firmware status response based on the verification results.
2. The system of claim 1, wherein the child management processor is to: forward the request to a grandchild management processor of the plurality of management processors.
3. The system of claim 1, wherein the physical interface is an authenticated sideband interface, and wherein the firmware installation is installed on an input/output (I/O) controller.
4. The system of claim 1, wherein the first metadata set comprises a firmware signature that is used to verify the first installation.
5. The system of claim 1, wherein the first metadata set comprises a version number and compilation date of the first firmware image that are used to verify the first installation.
6. A method for providing operating system (OS) agnostic validation of firmware images, the method comprising: receiving a request to verify a plurality of firmware images, wherein each of the plurality of firmware images is associated with one of a plurality of metadata sets; accessing a first installation of a first firmware image of the plurality of firmware images via a physical interface; using a first metadata set of the plurality of metadata sets to verify the first installation, wherein the first metadata set comprises a firmware signature that is used to verify the first installation; forwarding the request to a child management processor of a plurality of management processors, wherein the plurality of management processors are in a trusted group and related according to a tree hierarchy; using a second metadata set of the plurality of metadata sets to verify a second installation of a second firmware image of the plurality of firmware images; aggregating verification results from the plurality of management processors; and generating a firmware status response based on the verification results.
7. The method of claim 6, further comprising: forwarding the request to a grandchild management processor of the plurality of management processors.
8. The method of claim 6, wherein the physical interface is an authenticated sideband interface, and wherein the firmware installation is installed on an input/output (I/O) controller.
9. The method of claim 6, wherein the first metadata set comprises a version number and compilation date of the first firmware image that are used to verify the first installation.
10. A non-transitory machine-readable storage medium encoded with instructions executable by a processor for providing operating system (OS) agnostic validation of firmware images, the machine-readable storage medium comprising instruction to: receive a request to verify a plurality of firmware images, wherein each of the plurality of firmware images is associated with one of a plurality of metadata sets; access a first installation of a first firmware image of the plurality of firmware images via a physical interface; use a first metadata set of the plurality of metadata sets to verify the first installation, wherein the first metadata set comprises a firmware signature that is used to verify the first installation; forward the request to a child management processor of a plurality of management processors, wherein the plurality of management processors are in a trusted group and related according to a tree hierarchy; use a second metadata set of the plurality of metadata sets to verify a second installation of a second firmware image of the plurality of firmware images; aggregate verification results from the plurality of management processors, wherein each of the verification results describes that validity of one of the plurality of firmware images; and generate a firmware status response based on the verification results.
11. The non-transitory machine-readable storage medium of claim 10, wherein the machine-readable storage medium further comprises instruction to: forward the request to a grandchild management processor of the plurality of management processors.
12. The non-transitory machine-readable storage medium of claim 10, wherein the physical interface is an authenticated sideband interface, and wherein the firmware installation is installed on an input/output (I/O) controller.
April 9, 2019